package com.guigu.controller;

import com.guigu.entity.Users;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.ArrayList;
import java.util.List;

@RestController
@RequestMapping("/test")
public class TestController {
//-----------------------非注解版----------------------------------
    @RequestMapping("/hello")
    public String add(){
        return "Hello SpringSecurity";
    }

    @RequestMapping("/index")
    public String index(){
        return "这是/test/index页面";
    }


//--------------------------注解版---------------------------------
    @RequestMapping("/update")
//    @Secured({"ROLE_update","ROLE_up"})
    @PostAuthorize("hasAuthority('ROLE_update')")
    @PostFilter("filterObject.username == 'admin1'")
    public List update(){
        ArrayList<Users> list = new ArrayList<>();

        list.add(new Users(11,"admin1","6666"));

        list.add(new Users(12,"admin2","888"));
        System.out.println(list);
        return list;
        //return "hello update";
    }

}
